Microsoft Edge Information Disclosure Vulnerability

CVE-2024-30056

7.1HIGH

Key Information

Vendor: Microsoft
Status: Microsoft Edge (chromium-based)
Vendor: CVE Published:; 25 May 2024

Badges

👾 Exploit Exists📰 News Worthy

Summary

The vulnerability CVE-2024-30056 is an information disclosure vulnerability in Microsoft Edge, a Chromium-based web browser. The vulnerability allows unauthorized actors to access private user information, potentially posing a risk to data privacy and security. A Proof-of-Concept (PoC) exploit has been released, demonstrating the feasibility of unauthorized access to private user information. Microsoft has rated the severity of the vulnerability as "Important" with a CVSS score of 7.1 out of 10. The company is working on a patch to address the issue, but in the meantime, users are urged to exercise caution when browsing the web and ensure their browser is updated to the latest version as soon as a fix becomes available. It is important for users to stay informed, apply security patches, and exercise caution when interacting with untrusted sources.

Affected Version(s)

Microsoft Edge (Chromium-based) < 124.0.2478.109

News Articles

CybersecurityNews

CVE-2024-30056

PoC Exploit Released for Microsoft Edge Information Disclosure Vulnerability

Cybersecurity researchers have released a Proof-of-Concept (PoC) exploit for a recently disclosed disclosure Microsoft Edge vulnerability.

4 months ago

CVSS V3.1

Score:

7.1

Severity:

HIGH

Confidentiality:

High

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

👾
Exploit exists.
Jun 20, 2024
First article discovered by CybersecurityNews
May 30, 2024
Vulnerability published.
May 25, 2024
Vulnerability Reserved.
Mar 22, 2024

Collectors

NVD DatabaseMitre Database1 News Article(s)